How to Solve 403 Error in Spring Boot Post Request (#14303)

* How to Solve 403 Error in Spring Boot Post Request * How to Solve 403 Error in Spring Boot Post Request
2023-07-08 13:50:38 +00:00 · 2023-07-08 13:50:38 +00:00 · afb42b5674
parent 571df122f7
commit afb42b5674
2 changed files with 58 additions and 0 deletions
--- a/spring-security-modules/spring-security-web-rest/src/main/java/com/baeldung/forbiddenerror/controller/TestController.java
+++ b/spring-security-modules/spring-security-web-rest/src/main/java/com/baeldung/forbiddenerror/controller/TestController.java
@ -0,0 +1,14 @@
 package com.baeldung.forbiddenerror.controller;
 import org.springframework.http.ResponseEntity;
 import org.springframework.web.bind.annotation.PostMapping;
 import org.springframework.web.bind.annotation.RestController;
@RestController
 public class TestController {
    @PostMapping("/test-request")
    public ResponseEntity<String> testPostRequest() {
        return ResponseEntity.ok("POST request successful");
    }
 }
--- a/spring-security-modules/spring-security-web-rest/src/main/java/com/baeldung/forbiddenerror/security/WebSecurityConfig.java
+++ b/spring-security-modules/spring-security-web-rest/src/main/java/com/baeldung/forbiddenerror/security/WebSecurityConfig.java
@ -0,0 +1,44 @@
 package com.baeldung.forbiddenerror.security;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
 import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
 import org.springframework.security.core.userdetails.User;
 import org.springframework.security.core.userdetails.UserDetails;
 import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
 import org.springframework.security.crypto.password.PasswordEncoder;
 import org.springframework.security.provisioning.InMemoryUserDetailsManager;
 import org.springframework.security.web.SecurityFilterChain;
 import static org.springframework.security.config.Customizer.withDefaults;
@Configuration
@EnableWebSecurity
 public class WebSecurityConfig {
    @Bean
    public InMemoryUserDetailsManager userDetailsService() {
        UserDetails user = User.withUsername("user")
          .password(encoder().encode("userPass"))
          .roles("USER")
          .build();
        return new InMemoryUserDetailsManager(user);
    }
    @Bean
    public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
        http.authorizeRequests(authorizeRequests -> authorizeRequests.anyRequest()
          .authenticated())
          .httpBasic(withDefaults())
          .formLogin(withDefaults())
          .csrf(AbstractHttpConfigurer::disable);
        return http.build();
    }
    @Bean
    public PasswordEncoder encoder() {
        return new BCryptPasswordEncoder();
    }
 }